It's very unlikely that two people with the exact same username will pick the exact same lame password.
If they do, then they could have logged into each others' accounts anyway -- so it's high time for them to figure it out. ;)
They couldn't log into each other's accounts without knowing they had the same password, except by guessing. They wouldn't know that until this new special page told them. It's highly unlikely, sure, but not impossible. I doubt there are many people with accounts with the same password but different email address, so the gain is minimal. I don't think that minimal gain is worth the, admittedly small, chance of given someone access to someone else's account.
The code is guessing that two accounts with the same username and password are owned by the same person, it's very likely, but it isn't definite, so it is a guess. Just because two accounts have the same password doesn't mean that knowing one means you know the other, since you don't know they are the same.