Unfortunately, you can’t.
If you lose your mailbox.org Guard password, there is no way to retrieve your original PGP key from our server. We at mailbox.org do not store your password on our systems for security reasons and as a consequence, we will not have any backups or copies of your password, or any other mechanism at our disposal to decode or retrieve your key files.
Unless you have an accessible backup, any e-mails or files previously encrypted with the key that is lost can no longer be decrypted. This is not something we invented but the usual consequence in any PGP encryption scenario.
Note that without the Guard password, it is not possible anymore to remove previously added key pairs from your key list!
What to do: Create or upload a new pair of keys
If your Guard password is lost, you can continue using your account by creating a new pair of keys for encryption. You may create the new keys either directly in the mailbox.org interface or alternatively, in a local mail client and then upload them to mailbox.org.
Go to the Guard PGP settings page. In your key list, click on the “+” symbol after the Your Key List headline. A pop-up window will appear, giving you the aforementioned options to choose from. Whether you create a new pair of keys here automatically, or upload them from someplace else, you will then also need to create (and remember!) a new Guard password.
As a result, you will now have at least two pairs of keys on your list (refresh the page if the new ones don’t appear instantly), and the most recently created one will be flagged as Current. Only the current key pair will be used by mailbox.org to encrypt your communication and data, so do make sure to double-check! Also, don’t forget to distribute the newly created public PGP key to your communication partners.