Mailbox.org supports two factor authentication for their webmail only. You can use either TOTP or a Yubikey via the Yubicloud. Web standards such as U2F and WebAuthn are not yet supported.
Mailbox.org allows for encryption of incoming mail using their encrypted mailbox. New messages that you receive will then be immediately encrypted with your public key. This only protects message content while at rest so you should request that the sender encrypt the email message before sending in order to ensure confidentiality.
+Mailbox.org allows for encryption of incoming mail using their encrypted mailbox. New messages that you receive will then be immediately encrypted with your public key.
However, Open-Exchange, the software platform used by Mailbox.org, does not support the encryption of your address book and calendar. A standalone option may be more appropriate for that information.
Mailbox.org has integrated E2EE encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow remote recipients to decrypt an email on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
+Mailbox.org has integrated encryption in their webmail, which simplifies sending messages to users with public OpenPGP keys. They also allow remote recipients to decrypt an email on Mailbox.org's servers. This feature is useful when the remote recipient does not have OpenPGP and cannot decrypt a copy of the email in their own mailbox.
Mailbox.org also supports the discovery of public keys via HTTP from their Web Key Directory (WKD). This allows users outside of Mailbox.org to find the OpenPGP keys of Mailbox.org users easily, for cross-provider E2EE.