They can have.
But not at the same time for the same application.
Session id is generated by the server at the time of creation of session. It guarantees that it generates a unique alive session id. However, it doesn't guarantee once the session is dead/out of scope.
It is also possible to get same value if the web server is restarted
Quote:
You should not use the SessionID property to generate primary key values for a database application. This is because if the Web server is restarted, some SessionID values may be the same as those generated before the server was stopped.
Reference:
https://msdn.microsoft.com/en-us/library/ms524326%28v=vs.90%29.aspx[
^]
Hope, it helps :)