In order to enable Guard for your account, visit the mailbox.org Settings page and find the option Guard Security Settings. There, click on the Start Button. In the first step, you need to decide whether to use the mailbox.org Guard or the Mailvelope web browser add-on as a security solution.
Generally, we recommend using the mailbox.org Guard. If you wish to use Mailvelope instead, make sure to edit the Mailvelope configuration settings and add mailbox.org to the list of available e-mail providers. Also, you need to enable the Mailvelope-API for *.office.mailbox.org to be able to recognize and use the add-on.
Important: Once you decide to use Mailvelope as a security solution for your account, it will be permanently enabled and cannot be switched off! Only when you use mailbox.org Guard will our support be able to deactivate it later, if required.
If you went ahead by clicking on mailbox.org Guard, a pop-window will appear, asking you to enter a password that controls access to your private encryption key. Please pick a strong yet memorable password and confirm.
Please keep in mind that mailbox.org will NOT store a plain-text copy of your encryption key or your password on their systems!
If you happen to forget this password or delete the key from our system without having a backup copy, your previously encrypted e-mails and files will be lost. There is no feasible way to decode them anymore.
In such case, mailbox.org will be unable to help you. Restoring your encrypted e-mails and files is technically impossible for us to do. This is not a deficiency but an important feature of the mailbox.org Guard, because if it was possible for us to decode your data somehow then the entire encryption system would be useless after all.
After you have activated the Guard, our system will automatically generate the required pair of PGP keys. You need two of those because one of them is public – to be used by anyone wanting to write an e-mail to you to encrypt their message. The second key is kept secret and used by you to decrypt these messages whenever you wish to read them. Access to the private key is secured via the password that you entered upon activation. You may choose a password that is different from your account password. If you want to learn more about how PGP works, have a look at our Doodle Video on the matter.
If you would like to manage your keys, open the PGP key management There, you will see a list with two different key sets:
First, an entry for a pair of secondary keys, used to perform the actual encryption of your messages and files (similar to how a local PGP installation would work).
The other entry is for your pair of master keys whose sole purpose is to secure access to the secondary key pair.
You can download copies of any of these keys from the Guard PGP Setting page. For instance, you might want copies of the secondary keys to import into your local PGP installation (Do this only if you are new to PGP and don’t have any other, previously created PGP keys!). By importing these keys, you can access your encrypted e-mails both via web mail and through your local mail client.
Using your own PGP keys
If you already have a set of PGP keys, you can use them with Guard. You should upload your public encryption key in order for other Guard users to be able to find it easily. Additionally, you can choose to also upload your private key to be securely stored on the server – this is required to enable the reading of encrypted e-mail using the mailbox.org web interface (i.e., in the browser).
If you want to use your own PGP key with Guard, then this key must use your main mailbox.org e-mail address as a UID.