by Xk 5658 days ago
What? No. Not at all. The greatest number of times a given salt||hash occurs in the database is seven.

Why do you think that what you said is true?

I misinterpreted what I was looking at and I made a bad assumption that since the same hash for a known password appeared several times in my narrow view that it was the same for all occurrences of the known password.

Your comment that the maximum number of a given salt||hash was seven also threw me for a second. Am I correct that that is purely coincidental? Given the limit of only two characters for the salt (in what set? all printable characters?) and the sheer volume of accounts there is simply some unintended overlap? It just happens that the most it occurred was seven times?

Ah, alright.

Yeah, seven is just coincidental. But it appears that you are correct in one respect: seven seems a bit high to me. I don't have the time to do the probability distributions out; if someone cares, would they do the calculation and check?

EDIT: The salt 'sV' occurred 215 times. sV39Fw5at18zo occurs seven times. Assuming that there were only 300 possible passwords each of which occurred with probability ~.3% (the probability of '123456'), then the probability of seven passwords hashing to the same value is incredibly low. Less than a thousandth of one percent. Does anyone know why this is? Or was it just the case that Scorpion's assumption that the distribution is very non-random is correct?
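
Added example, not part of the original thread: the calculation requested in the last comment, using that comment's own figures (215 accounts under salt 'sV', 300 candidate passwords at ~0.3% each, seven identical salt||hash values). It assumes users choose passwords independently; the function names are hypothetical, and the bisection for the password share at which seven matches becomes even odds goes one step beyond what the comment asks.

```python
from math import comb

N_ACCOUNTS = 215    # accounts sharing salt 'sV' (figure from the thread)
P_PASSWORD = 0.003  # assumed share of one common password, ~0.3% (from the thread)
N_PASSWORDS = 300   # assumed number of equally common passwords (from the thread)
K_MATCHES = 7       # identical salt||hash values observed (from the thread)


def binom_tail(n, p, k):
    """P(X >= k) for X ~ Binomial(n, p), summing the upper tail directly."""
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))


def any_password_bound(n, p, k, m):
    """Union bound: chance that at least one of m passwords reaches k matches."""
    return min(1.0, m * binom_tail(n, p, k))


def share_for_tail(n, k, target):
    """Bisect for the password share p at which P(X >= k) equals target."""
    lo, hi = 0.0, 1.0
    for _ in range(60):
        mid = (lo + hi) / 2
        if binom_tail(n, mid, k) < target:
            lo = mid  # tail too small, so the share must be larger
        else:
            hi = mid
    return (lo + hi) / 2


if __name__ == "__main__":
    one = binom_tail(N_ACCOUNTS, P_PASSWORD, K_MATCHES)
    bound = any_password_bound(N_ACCOUNTS, P_PASSWORD, K_MATCHES, N_PASSWORDS)
    even = share_for_tail(N_ACCOUNTS, K_MATCHES, 0.5)
    print(f"one given password, >= {K_MATCHES} matches: {one:.2e}")
    print(f"any of {N_PASSWORDS} passwords (upper bound): {bound:.2e}")
    print(f"password share giving even odds: {even:.3%}")
```

With the thread's figures, one given password reaching seven matches comes out at roughly 0.0005%, and the bound over all 300 candidates at roughly 0.15%. A single password would need about a 3% share among those 215 accounts for seven matches to be even odds.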