Set up two-factor authentication in mailbox
When using Two-Factor Authentication (2FA) for your account, you must create and use a corresponding application password to access your calendar, contacts, or Drive data with external apps. Without Two-Factor Authentication (2FA), application passwords are optional.
With two-factor authentication (2FA), mailbox offers you an enhanced way to reliably secure access to your mailbox. 2FA protects your data in addition to your password. Depending on the setup, you can choose between two variants: two-factor authentication using the TOTP method (Time-based One-Time Password) and the OTP method, which at mailbox is known as Login 2.0 (One-Time Password).
Why use two-factor authentication
Two-factor authentication significantly increases the security of your mailbox. In addition to your password, you need a second factor – such as a time-based one-time code (TOTP) generated on a separate device. This prevents access even if your password falls into the wrong hands.
Time-based One-Time Password: Login via TOTP
TOTP-based two-factor authentication offers a simple way to secure your account with a second factor – without additional hardware, directly via an app on your smartphone. TOTP-capable authenticator apps include e.g., Google Authenticator, Bitwarden, or FreeOTP.
If you have enabled 2FA and lose access to your authenticator app, you can only reset your password if you have previously set up a password reset method for your account.
Examples for compatible authenticator apps
| Platform | App | Description |
|---|---|---|
| Android | FreeOTP+ | Open source, lightweight, compatible with TOTP/HOTP |
| Android & iOS | FreeOTP | Open source app by Red Hat |
| Android & iOS | Bitwarden | Password manager with integrated OTP generator |
| iOS | Apple Passwords (iCloud Keys) | Integrated in iOS/macOS, automatically creates TOTP codes |
Setting up 2FA for mailbox
- In mailbox Office, click the gear icon and open All settings | Security | Two-factor authentication.
- Enter a device name.
- Scan the displayed QR code with your authenticator app.
- Enter the 6-digit code generated by the app in the TOTP code text box.
- Click Check code and activate TOTP.
After successful setup, both your password and the current code from the app will be required for login.
Once you have enabled two-factor authentication, you must set up so-called application passwords for CalDAV/CardDAV.
Illustrated instructions
Step 1: Open Security settings in mailbox Office
Figure 1: You can find the menu item for 2FA under Security in the mailbox settings.
Step 2: Scan QR code with authenticator app
Figure 2: Scan the QR code displayed with your authenticator app, e.g., Bitwarden, FreeOTP, Google Authenticator.
Step 3: Enter TOTP code
Figure 3: Enter the 6-digit code generated by the app.
Step 4: Done
Figure 4: You have successfully set up 2FA.
