I prefer slightly different approach. When user forgets his password he is sent a temporary link to a form where he can create new password. You can find examples by googling a bit (i searched for php forgot password reminder script).
As mentioned by others never keep pw as plaintext. Hashing is a little more secure, salted hashes even more so. Double hash with salts even better again. But that's just a poor man's version of hmac. So, for passwords, you may be better of stoing a keyed hash via the hmac method.
Of course this will be a separate to your reset pw. If you take care to make your passwords secure, you should also make the reset process as secure as possible.