by bdfh42 5257 days ago
Hashing a salted password is definitely the way to go - and of course if your hash algorithm is worth anything you should not be able to "unhash" it again.

It would, I suppose, be possible to salt and encrypt a password before storing it and thus be able to retrieve the original but you would have to be very sure that no 3rd party could get hold of your encryption key.

1 comment

I was just thinking about this too. You could do the normal hash approach, but also encrypt the password with asymmetric encryption (public/private keys). The public key goes on the server to encrypt the password, the private key gets kept somewhere else securely.

When a user forgets his or her password, you use the private key to decrypt it and give it to them. Depending on how securely you keep the private key (say, on a USB key, kept in a lock box), it might be a hassle, but I'm pretty sure it'd be a secure way to still have access to the cleartext passwords.