mt_rand uses
http://en.wikipedia.org/wiki/Mersenne_twister
rand uses
http://en.wikipedia.org/wiki/Linear_cong..._generator
Rand is actually faster than mt_rand by such a small amount that its not even something to make a change for. (Now if you look at the two functions line for line mt_rand is faster as it goes through its code faster, however theres more of it so in the end it ends up ever so slightly slower)
Rand can easily be manipulated by python allowing hackers the ability to manipulate the outcome of the PRNG within a range allowing them to increase the odds of getting the desired number from the PRNG. mt_rand is still susceptible to this but not as bad.
If the goal is great randomness such as crypto randomizing then openssl_random_pseudo_bytes() would be the route to go. But this function is heavy and can be slow at times.
In many tests I've read and I've performed rand() isnt very random. While mt_rand while not 100% random either performs better in randomization.
http://web.archive.org/web/2014080100272...s-mt_rand/
And one thing you will also notice in alot of "test" articles that provide similar results when comparing the two functions is people dont bother to check what their system is using for its PRNG. rand() could actually be using the mersenne twister provided the server is using it as the default.