diff --git a/inc/mod/pages.php b/inc/mod/pages.php
index a057ad25..0bbd7065 100644
--- a/inc/mod/pages.php
+++ b/inc/mod/pages.php
@@ -1021,6 +1021,76 @@ function mod_user_posts_by_ip(Context $ctx, string $ip, string $encoded_cursor =
     mod_page(\sprintf('%s: %s', _('IP'), \htmlspecialchars($ip)), 'mod/view_ip.html', $args, $args['hostname']);
 }
 
+function mod_user_posts_by_passwd(Context $ctx, string $passwd, string $encoded_cursor = null) {
+    global $mod;
+
+    // The current hashPassword implementation uses sha3-256, which has a 64 character output in non-binary mode.
+    if (\strlen($passwd) != 64) {
+        error('Invalid password');
+    }
+
+    $config = $ctx->get('config');
+
+    $args = [
+        'passwd' => $passwd,
+        'posts' => []
+    ];
+
+    if (isset($config['mod']['ip_recentposts'])) {
+        // TODO log to migrate.
+        $page_size = $config['mod']['ip_recentposts'];
+    } else {
+        $page_size = $config['mod']['recent_user_posts'];
+    }
+
+    $boards = listBoards();
+
+    $queryable_uris = [];
+    foreach ($boards as $board) {
+        $uri = $board['uri'];
+        if (hasPermission($config['mod']['show_ip'], $uri)) {
+            $queryable_uris[] = $uri;
+        }
+    }
+
+    $queries = $ctx->get(UserPostQueries::class);
+    $result = $queries->fetchPaginateByPassword($queryable_uris, $passwd, $page_size, $encoded_cursor);
+
+    $args['cursor_prev'] = $result->cursor_prev;
+    $args['cursor_next'] = $result->cursor_next;
+
+    foreach($boards as $board) {
+        $uri = $board['uri'];
+        // The Thread and Post classes rely on some implicit board parameter set by openBoard.
+        openBoard($uri);
+
+        // Finally load the post contents and build them.
+        foreach ($result->by_uri[$uri] as $post) {
+            if (!$post['thread']) {
+                $po = new Thread($post, '?/', $mod, false);
+            } else {
+                $po = new Post($post, '?/', $mod);
+            }
+
+            if (!isset($args['posts'][$uri])) {
+                $args['posts'][$uri] = [ 'board' => $board, 'posts' => [] ];
+            }
+            $args['posts'][$uri]['posts'][] = $po->build(true);
+        }
+    }
+
+    $args['boards'] = $boards;
+    $args['token'] = make_secure_link_token('ban');
+
+    if (empty($encoded_cursor)) {
+        $args['security_token'] = make_secure_link_token("user_posts/passwd/$passwd");
+    } else {
+        $args['security_token'] = make_secure_link_token("user_posts/passwd/$passwd/cursor/$encoded_cursor");
+    }
+
+    mod_page(\sprintf('%s: %s', _('Password'), \htmlspecialchars($passwd)), 'mod/view_passwd.html', $args);
+}
+
 function mod_ban(Context $ctx) {
     global $config;