http://qs1969.pair.com?node_id=27823


in reply to Ethics of Passwords

Well, I'm not sure if there are any algorithm pairs out there that would work, but how about a public/private key pair, where you would encrypt the passwords with the public key? To check the passwords for login, you would again re-encrypt with the public key and compare the encrypted results (similar to standard hashes; the only problem, IIRC, is that public key algorithms generally don't generate the same results on the same piece of text 2 times in a row).

If you end up with a user that can't remember their password, you just decrypt it with your private key (kept in a safe place, of course) and hand it back to them.
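
An added example, not part of the original post: a toy RSA in Python showing what happens to the "re-encrypt and compare" login check when the encryption is randomized versus deterministic. The key (two small Mersenne primes), the 8-byte nonce padding and all function names are assumptions constructed for illustration and are not a safe padding scheme or key size.

```python
import secrets

# Constructed toy key: two Mersenne primes, far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key, held by the login server
D = pow(E, -1, (P - 1) * (Q - 1))        # private key, "kept in a safe place"
NONCE_LEN, MAX_PW = 8, 16                # hypothetical padding layout

def encrypt(password: str, randomized: bool = True) -> int:
    """Encrypt with the public key; randomized mode prepends a fresh nonce."""
    pw = password.encode()
    if len(pw) > MAX_PW:
        raise ValueError("password too long for this toy modulus")
    nonce = secrets.token_bytes(NONCE_LEN) if randomized else bytes(NONCE_LEN)
    block = b"\x01" + nonce + pw         # leading 0x01 keeps the byte length
    return pow(int.from_bytes(block, "big"), E, N)

def decrypt(ciphertext: int) -> str:
    """Recover the plaintext password; only the private-key holder can."""
    m = pow(ciphertext, D, N)
    block = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return block[1 + NONCE_LEN:].decode()

def login_by_reencrypt(stored: int, attempt: str, randomized: bool) -> bool:
    """The check proposed in the post: re-encrypt the attempt and compare."""
    return encrypt(attempt, randomized) == stored

def demo() -> dict:
    pw = "correct horse"                 # constructed sample password
    stored_rand = encrypt(pw, randomized=True)
    stored_det = encrypt(pw, randomized=False)
    return {
        # Randomized: the right password no longer matches the stored value.
        "randomized_login_ok": login_by_reencrypt(stored_rand, pw, True),
        # Deterministic: comparison works, and equal passwords give equal
        # ciphertexts, as with an unsalted hash.
        "deterministic_login_ok": login_by_reencrypt(stored_det, pw, False),
        "same_pw_same_ciphertext": stored_det == encrypt(pw, randomized=False),
        # Either way the private key returns every stored password.
        "recovered": decrypt(stored_rand),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
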