Something not mentioned here is that timing attacks have been proven effective even across the internet; you might think "Oh the jitter in TCP is going to overwhelm any leaked information," but you would be wrong.
If you're comparing plain text passwords then you've already done something wrong. You'll find the hash construct mitigates against attacks like these due to its nature, especially with a per user salt.
Your post was hard to read because of your background image
<a href="http://cf.verboselogging.com/assets/headshot-44822a75dfeaa891c3bb14b64f75f7fc.jpg" rel="nofollow">http://cf.verboselogging.com/assets/headshot-44822a75dfeaa89...</a>