Originally Posted by zijlstravideo

Yeah, this should be easy to debug. If PHP tells you the two variables don't match, they don't match.

Echo both your $_POST variable and $password, and see why they don't match.

EDIT:
On your signup form, you use $password = mysqli_real_escape_string($link, $_REQUEST['password']), before you hash it and store it into your database.
Therefore, any added slashes before escaped characters become part of the hash as well.
Perhaps try: if(password_hash(mysqli_real_escape_string($_POST['password']), PASSWORD_BCRYPT) === $password)