Regarding why it happens, that will depend a lot on your system, I'm sure. However, for us, it can happen when a member of staff both registers as a Web-site user (which is desirable, because we want staff to see the experience of users), and is assigned an editor/administrator account in the Kentico CMS. If the administrator account is created first, it's fine and both can co-exist without problems. That's desirable because it allows staff to use their work email accounts for both purposes. If the user account is created first, it doesn't work because Kentico rejects the administrator account as a duplicate. But we've been running for a year and not yet noticed any problems caused by the duplicates created by the first route above - indeed, it's an advantage, for the reasons stated. Staff using the second route need to find an external email account, or use a personal one, in connection with editing work.
Personally, I understand why one would use a single, combined user database for users and administrators on an intranet. However, I have always felt it to be a mistake for public Web sites. I want to be able to visit the site both as a signed-in user and as a visitor while editing, and I don't want any rights that I may have as administrator to interfere with what I see when I do. But Kentico is like other CMSs in choosing the combined route.