I've always liked the idea of keyfiles, similar to how they are implemented in TrueCrypt.
Basically I'd do away with the forgotten password altogether and instead have the user supply a keyfile that s/he chose ahead of time in such situations. A good keyfile might be a picture taken on his/her digital camera, and stored on a CD in a safe place. An MD5 of the keyfile is sent as "proof" of the user being authentic. Then s/he can log in and change the password.
Assume that everything I say is or could be a lie.
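An added example, not code from the post: one way to implement the keyfile recovery flow described above (enroll a digest of the chosen keyfile, later accept that keyfile as proof and allow a password change). It uses SHA-256 in place of the MD5 the post mentions and assumes the keyfile is submitted over an authenticated channel such as TLS; the sample keyfile bytes are constructed.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the user's keyfile (in practice the bytes of the
# photo burned to CD). Any high-entropy file works; this one is deterministic
# so the example is reproducible.
SAMPLE_KEYFILE = bytes(range(256)) * 16


def keyfile_digest(keyfile: bytes) -> bytes:
    # SHA-256 is used here instead of the MD5 named in the post.
    return hashlib.sha256(keyfile).digest()


def enroll_keyfile(keyfile: bytes) -> dict:
    """Enrollment: keep only a per-user salted hash of the keyfile digest,
    so a leaked user table does not directly hand out the recovery proof."""
    salt = os.urandom(16)
    verifier = hashlib.sha256(salt + keyfile_digest(keyfile)).digest()
    return {"salt": salt, "verifier": verifier}


def verify_keyfile(record: dict, submitted: bytes) -> bool:
    """Recovery check: recompute the verifier from the submitted file and
    compare in constant time. The file must match byte for byte; a copy of
    the photo that was re-encoded or resized yields a different digest."""
    candidate = hashlib.sha256(record["salt"] + keyfile_digest(submitted)).digest()
    return hmac.compare_digest(candidate, record["verifier"])


def recover_and_reset(record: dict, submitted: bytes, new_password: str):
    """Full flow: only a valid keyfile unlocks a password reset. Returns the
    new password record on success, None on failure."""
    if not verify_keyfile(record, submitted):
        return None
    pw_salt = os.urandom(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", new_password.encode(), pw_salt, 200_000)
    return {"pw_salt": pw_salt, "pw_hash": pw_hash}


if __name__ == "__main__":
    rec = enroll_keyfile(SAMPLE_KEYFILE)
    print("genuine keyfile accepted:", verify_keyfile(rec, SAMPLE_KEYFILE))
    altered = bytearray(SAMPLE_KEYFILE)
    altered[0] ^= 0x01  # a single flipped bit, e.g. a re-saved image
    print("altered keyfile accepted:", verify_keyfile(rec, bytes(altered)))
```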