2FA also works if you use your own domain with mailbox.org
For your security, mailbox.org supports several variants of two-factor authentication:
We do not offer SMS based 2FA and this is not planned for the future.
The 2 factor authentication is only available for our web interface. The other services like IMAP, POP3, SMTP and also WebDAV, CalDAV and CardDAV do not support 2FA.
Please ensure to allow the needed cookies in your web browser.
Important: If you loose your Yubikey or your token, you can only reset your password (and switch off 2FA), if you provided some information for the password reset procedure. Otherwise, we cannot help.
If you want to log in with PIN and OTP password in our mailbox.org office web interface, you have to enter the 4-digit PIN and the One-Time-Password for password input without any whitespace char. (PIN+Token entered into the "Password" field)
If you use two-factor authentication, the following restrictions apply:
In mailbox.org Office you can select the desired authentication method under "Settings -> mailbox.org -> One Time Passwords -> OTP Method":
Specify the four-digit PIN and the desired security level. The PIN may contain letters ( a-z lowercase or uppercase) and numbers, but no special characters. Then select the desired method to generate one-time passwords: via mailbox.org-YubiKey or with one of the other methods.
We offer two different levels of two-factor authentication:
Don't click "Submit" just yet. First configure your OTP token below.
When selecting the option OTP-generators and other YubiKeys, an additional tool for managing your OTP tokens will be displayed.
Here, you can see tabs that offer options for the quick configuration of Android or Apple smartphones; followed by expert settings for the configuration of arbitrary compatible tokens and for registering third-party YubiKeys; and actions for the management of existing tokens (Enable/Disable/Delete).
After having created an OTP token for a smartphone app, just scan the QR code with your phone to set up the app for generating valid tokens.
Lost token - what now?
If you have lost your token, you can still use the function to reset your password. The moment you reset your password e.g. by e-mail or a reset code via SMS, you can create a new password. This also deactivates two-factor authentication. With this new, regular password you can log in again - and have access to all functions of your mailbox.org office as usual.
As already mentioned above, you can only reset your password if you have stored the corresponding information in your account. If, for example, you have not entered an e-mail address or a mobile phone number for a password reset for reasons of anonymity and access to your mailbox.org e-mail account via IMAP is deactivated, then we have no way of verifying your identity as the owner of the account.
In this case a password reset is no longer possible!
Don't forget to click "Submit" yet.
Verwandte Artikel erscheinen hier basierend auf den Stichwörtern, die Sie auswählen. Klicken Sie, um das Makro zu bearbeiten und Stichwörter hinzuzufügen oder zu ändern.
If you use two-factor authentication, the following restrictions apply