I think it's time to think and implement the ability to reset ROOT password by email or something else.
We are coming across this issue from time to time. I know can change it by hand directly in DB, but it's not the easiest way for users so we should come up with easy and save way of doing it.
My proposal is:
When DBG_RESET_ROOT option is enabled (new - needs to be added) we can show additional Link right below Login form which will email the password to website administrator (email specified as main email address for the website). Since password for ROOT user is not lost on a daily basis this should do the work.