Are there any possible way of making it impossible for website administrator to retrieve a password from a user?

I'm creating a website and I'm afraid that my friends are afraid of that I know all the passwords.

So my question are there any possible way of making it impossible for me to retriev开发者_运维知识库e a password of some random user. Hashing is not an option, because I can still get the password before hashing. My web app is written in PHP and if there is one solution to this problem I would like to hear it.

You could have the password hashed in Javascript on the client side, before it arrives at the server. But then you would of course have to hash+salt it again on the server side.

You could also hand off authentication to another method, like Facebook Connect or OpenID.

you could use oauth similar to how stackoverflow works, so they can authenticate with their google/facebook/etc login