Well you will compromise on security a little using 2-way encryption but if that's the functionality you want then that's what you're best doing. The fact that passwords can ultimately be sent in email unencrypted is a security compromise in itself.
Like with any encryption, using several methods in combination and concatenating the password string with a secret key string known only to your application will make it increasingly more secure.
You can also think about storing the password in the database using a 2-way encryption method (like mcrypt), and using a different 1-way encryption method (e.g. md5) for the authentication cookie you send back to the client.
I can highly recommend the PHP Cookbook (O'Reilly) which is an excellent book and has a highly informative section with examples on encryption and decryption using mcrypt and doing cookie based authentication. Otherwise, check out the user-submitted recipes on the PHP manual
http://uk.php.net/manual/en/ref.mcrypt.php
The other way is to keep one-way encryption and get the user to fill out a 'password reminder' field and store it in a database. You can email that to them instead of the password.