When I forget my password, don’t use my email to confirm that I have authority to reset it, use my email to log me in. Just treat an email address as a flavor of Open ID and we’ll all get along fine.
I don’t even save passwords for a lot of sites. I auto-generate a new random password, use it to login or create the account, and use password recovery by email whenever the site logs me out.