LastPass got hacked: Change your master password NOW

Mike 137 Silver badge

"256 bit ... is beyond overkill"

Actually worse for you than that. For a collision-free hashing algorithm the safe limit is for the total length of the clear text to not exceed the length of the hash (in bits). If it does, there _will_ be (not just may be) collisions. So very long plaintexts (regardless of their make-up) actually make the attacker's job more rewarding, as brute forcing a given hash may yield more than one plaintext. Thus the attacker can potentially obtain more credentials from the same number of captured hashes.

However your '50% probability' depends on the hashing algorithm's transfer function having a uniform distribution. I'm not sure whether it does, but I'd be surprised if it did considering the principle of how it works.
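A small worked model of the two quantities the comment above turns on, the pigeonhole guarantee (more possible inputs than digests means collisions must exist) and the birthday bound behind a "50% probability" figure. This is an added example, not code from the commenter or The Register; it uses SHA-256 truncated to a handful of bits as a stand-in hash so that the entire input space can be enumerated offline, and the input-length and digest-length values are constructed for illustration.

```python
import hashlib
import math

# Added example: SHA-256 truncated to a few bits plays the role of a hash with
# 2**digest_bits possible outputs, small enough to enumerate every input.


def truncated_digest(data: bytes, digest_bits: int) -> int:
    """SHA-256 of `data`, keeping only the top `digest_bits` bits."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - digest_bits)


def pigeonhole_guarantees_collision(input_bits: int, digest_bits: int) -> bool:
    """True when 2**input_bits distinct inputs exceed 2**digest_bits digests.

    In that case at least two inputs must share a digest, whatever the hash.
    """
    return input_bits > digest_bits


def count_collisions(input_bits: int, digest_bits: int) -> dict:
    """Hash every input of exactly `input_bits` bits and tally shared digests."""
    width = (input_bits + 7) // 8  # bytes needed to encode one input value
    buckets: dict = {}
    for value in range(2 ** input_bits):
        d = truncated_digest(value.to_bytes(width, "big"), digest_bits)
        buckets.setdefault(d, []).append(value)
    colliding = {d: v for d, v in buckets.items() if len(v) > 1}
    return {
        "inputs": 2 ** input_bits,
        "possible_digests": 2 ** digest_bits,
        "distinct_digests": len(buckets),
        "digests_with_multiple_preimages": len(colliding),
        "largest_bucket": max(len(v) for v in buckets.values()),
    }


def collision_probability(n_inputs: int, digest_bits: int) -> float:
    """Birthday approximation of P(at least one collision) for n_inputs digests,
    assuming digests are uniformly distributed over 2**digest_bits values."""
    return 1.0 - math.exp(-(n_inputs * (n_inputs - 1)) / (2 * 2 ** digest_bits))


def inputs_for_half_collision_chance(digest_bits: int) -> float:
    """Roughly how many uniform digests give a 50% chance of one collision:
    sqrt(2 ln 2) * 2**(digest_bits / 2), about 1.18 * 2**128 for 256 bits."""
    return math.sqrt(2 * math.log(2)) * 2 ** (digest_bits / 2)


if __name__ == "__main__":
    # 13-bit inputs into a 12-bit digest: 8192 inputs, only 4096 possible outputs,
    # so collisions are forced regardless of how well the hash mixes.
    stats = count_collisions(input_bits=13, digest_bits=12)
    print("forced collisions:", stats)
    print(f"P(collision) for 2^129 uniform 256-bit digests: "
          f"{collision_probability(2 ** 129, 256):.3f}")
    print(f"inputs for 50% collision chance at 256 bits: "
          f"{inputs_for_half_collision_chance(256):.3e}")
```

The pigeonhole count depends only on the number of inputs versus the number of digests, while the birthday figures rest on the uniformity assumption the comment points out; running `count_collisions` with `input_bits` smaller than `digest_bits` shows collisions that are merely likely rather than forced, which is the distinction between the two arguments.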
