strcmp vs. == vs. === in PHP for checking hash equality

Question

I\'m using crypt() to hash passwords in PHP, and am trying to work out the safest way of testing equality of the resulting hash when performing password checks.

Answer 1

I think that using == would be sufficient in your case.

== checks for equality regardless of type, whereas === checks for equality as well as type.

1 == "1" = True

1 === "1" = False

Since we're not too concerned with type, I'd keep it simple and go with ==.