In theory, there are infinitely many passwords that map to the same hash, so not all passwords are recoverable. In practice most passwords will be recoverable (given enough computing power), because there will only be a single 'reasonable' match (you will probably find only one for passwords of reasonable length).

But would you consider that 'recovery' or 'discovery'. To me, recovering passwords means applying an operation to reverse encryption. Brute-forcing passwords is simply guessing, which makes it a discovery.