Whenever new private keys are generated, there should be a mandatory option to send the keys to a removable device in unencrypted clear text for safekeeping. The private keys should then be encrypted in the wallet and in memory, and only decrypted at the time Bitcoins are sent. If someone forgets their password, they should be able to re-import the private key from the removable device and then set a new password on the private keys for the wallet.
-Dukejer.
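The scheme described in the post, as an added example that is not part of the original post or of any wallet's actual code: a private key is stored only in password-encrypted form, is decrypted just for the duration of a spend and wiped afterwards, and a clear-text backup can be re-imported and sealed under a new password when the old one is forgotten. The KDF work factor, the use of PBKDF2-HMAC-SHA256 with AES-256-GCM, and the 32-byte sample key are my assumptions for the example, not details from the post.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// Assumed work factor for the example; a real wallet tunes this to the hardware.
const kdfIterations = 100_000

// EncryptedKey is the only form in which the wallet keeps a private key at rest
// or in memory: salt for the KDF, nonce for AES-GCM, and the sealed key.
type EncryptedKey struct {
	Salt       []byte
	Nonce      []byte
	Ciphertext []byte // private key followed by the GCM authentication tag
}

// pbkdf2SHA256 is RFC 8018 PBKDF2 with HMAC-SHA256 as the PRF, written out
// here so the example needs nothing beyond the standard library.
func pbkdf2SHA256(password, salt []byte, iter, keyLen int) []byte {
	prf := hmac.New(sha256.New, password)
	hLen := prf.Size()
	var out []byte
	ctr := make([]byte, 4)
	for block := 1; len(out) < keyLen; block++ {
		prf.Reset()
		prf.Write(salt)
		binary.BigEndian.PutUint32(ctr, uint32(block))
		prf.Write(ctr)
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for n := 1; n < iter; n++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for i := range t {
				t[i] ^= u[i]
			}
		}
		out = append(out, t...)
		_ = hLen
	}
	return out[:keyLen]
}

func deriveKey(password string, salt []byte) []byte {
	return pbkdf2SHA256([]byte(password), salt, kdfIterations, 32)
}

// EncryptPrivateKey seals priv under password with AES-256-GCM. The salt is
// passed as additional data so the blob is bound to its own KDF parameters.
func EncryptPrivateKey(priv []byte, password string) (EncryptedKey, error) {
	salt, nonce := make([]byte, 16), make([]byte, 12)
	if _, err := rand.Read(salt); err != nil {
		return EncryptedKey{}, err
	}
	if _, err := rand.Read(nonce); err != nil {
		return EncryptedKey{}, err
	}
	block, err := aes.NewCipher(deriveKey(password, salt))
	if err != nil {
		return EncryptedKey{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return EncryptedKey{}, err
	}
	return EncryptedKey{Salt: salt, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, priv, salt)}, nil
}

// WithUnlockedKey decrypts ek only for the duration of use (signing a spend)
// and zeroes the plaintext before returning; nothing else ever sees the clear key.
func WithUnlockedKey(ek EncryptedKey, password string, use func(priv []byte) error) error {
	block, err := aes.NewCipher(deriveKey(password, ek.Salt))
	if err != nil {
		return err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return err
	}
	priv, err := gcm.Open(nil, ek.Nonce, ek.Ciphertext, ek.Salt)
	if err != nil {
		return errors.New("wrong password or corrupted key blob")
	}
	defer func() {
		for i := range priv {
			priv[i] = 0
		}
	}()
	return use(priv)
}

// ExportClearTextBackup is the hex form the post would write to removable media.
func ExportClearTextBackup(priv []byte) string { return hex.EncodeToString(priv) }

// RecoverFromBackup re-imports the clear-text backup and seals it under a new
// password, which is the forgotten-password path the post describes.
func RecoverFromBackup(backupHex, newPassword string) (EncryptedKey, error) {
	priv, err := hex.DecodeString(backupHex)
	if err != nil {
		return EncryptedKey{}, err
	}
	return EncryptPrivateKey(priv, newPassword)
}

func main() {
	priv := make([]byte, 32) // constructed sample key, not a real Bitcoin key
	rand.Read(priv)
	backup := ExportClearTextBackup(priv)
	ek, _ := EncryptPrivateKey(priv, "first password")
	fmt.Println("wrong password:", WithUnlockedKey(ek, "guess", func([]byte) error { return nil }))
	ek2, _ := RecoverFromBackup(backup, "second password")
	fmt.Println("recovered key usable:", WithUnlockedKey(ek2, "second password", func([]byte) error { return nil }) == nil)
}
```

The zeroing in `WithUnlockedKey` is best-effort: Go's garbage collector may have copied the slice, and the derived AES key inside the cipher object is not wiped, so this limits rather than eliminates the window in which key material sits in memory. A production wallet would also use a memory-hard KDF such as scrypt or Argon2 rather than PBKDF2.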