Description

When adding a new domain for monitoring via DNS TXT record, the verification fails immediately if the record hasn’t propagated yet. The modal shows:

“The TXT record was not found, you may need to allow some more time for DNS to propagate between adding it then verifying.”

After that, the domain doesn’t appear anywhere in the dashboard — there’s no “pending verification” state, no option to retry verification later, and each new attempt generates a new TXT record.

This means you can’t verify a domain that takes longer to propagate unless you keep the modal open for hours and stay logged in.

Proposed Improvement

Add a persistent “Not Verified” state for newly added domains:

• When a user adds a domain and selects TXT verification, the domain should immediately appear in their dashboard with the status “Not Verified.”
  
• The verification record for that newly created entry should remain valid for 48 hours, allowing users to verify once DNS propagation completes.
  
• Users should be able to click “Verify again” later without generating a new TXT record for that same domain entry.
  
• A new TXT record should only be generated when the user explicitly starts a new verification process.
  
• Optionally, HIBP could automatically re-check the TXT record every few hours and send a notification once verification succeeds or expires after 48 hours.
  

Benefits

• Makes domain verification more reliable for users whose DNS changes propagate slowly
  
• Prevents unnecessary DNS edits and confusion
  
• Aligns with the verification process of other services (Google Search Console, AWS, Brevo, etc.)
  

Example

Currently, if you add example.com, you get a TXT record such as: hibp-verify-dweb_a45p@ux7zisj2pf3qy0zpwa6

If DNS propagation takes longer than expected and you close the modal, you lose the ability to retry — the next attempt generates a new value and requires updating DNS again.