Nobody is supposed to "recover a password", otherwise it would defeat one of the most important properties of the passwords. Passwords should not be recoverable, ever. If a password is lost, a brand new one should be created. I would say, the major purpose of password recovery would be committing a crime. Passwords in their original form is never needed for authentication. Also, passwords are never stored anywhere, but the cryptographic hash
of a password can be stored with reasonable security.
Please see my past answers:
i already encrypt my password but when i log in it gives me an error. how can decrypte it
Decryption of Encrypted Password
storing password value int sql server with secure way
Please also see the discussion in the comments to the question. H. Brydon is right: MD5 should never be used for security purposes.