Credential harvesting pages are the fake login screens employees see after clicking a link in a data-harvesting phishing simulation. They're how Fable tests whether your employees will hand over credentials to a convincing impersonation of a real login flow.

Fable maintains a growing library of credential harvesting pages that mimic the login experience of common SaaS vendors, SSO providers, and internal tools. The library is continuously expanding — new pages can be added on demand, and any vendor your employees use can be covered on request.

This guide explains what types of credential harvesting pages are available, how they're attached to a simulation template, how to pick one when multiple options exist, and how to preview what an employee will see.

What's Included

Where credential harvesting pages live in Fable

Credential harvesting pages are attached to simulation templates in the Catalog. Every data-harvesting template has four fields:

• Vendor — the brand being impersonated (e.g., Adobe, Google, Figma, DocuSign).

• Attack vector — for credential harvesting, this is set to Data Harvesting.

• Harvesting page — which fake login page is served when an employee clicks the link.

• Failure scenario — what counts as a "fail" (e.g., Entered data).

The Vendor field drives everything: Fable offers a specific set of harvesting pages for each vendor, and the Harvesting page options update based on which vendor you pick.

How the Harvesting page field behaves

The Harvesting page field behaves differently depending on the vendor:

1. Vendors with multiple harvesting pages (e.g., Google) show a dropdown with each available page plus a Default option. You can switch between them — for example, a Google template can be served with a Google-branded sign-in page or with the tenant default.

2. Vendors without a custom harvesting page show a read-only "Default" label. These templates serve your tenant's default credential harvesting page — an Okta login page unless you've customized it.

Fable is continuously expanding the vendor library, so vendors that only show "Default" today may gain custom harvesting pages in future releases.

Live preview of the harvesting page

Every simulation template has two tabs at the top of the preview area: Email and Harvesting page. Clicking Harvesting page renders a live preview of exactly what an employee will see after clicking the link. The preview updates immediately when you switch the Harvesting page dropdown, so you can compare options side by side before saving.

Customer-specific SSO pages

For customers with distinctive, branded SSO flows, Fable can stand up a page that mimics your real login experience end-to-end. This is the highest-fidelity credential-harvesting simulation Fable offers. Once configured for your tenant, it becomes the page served for any template that falls back to the default. Work with your TAM to set this up.

What gets captured (and what doesn't)

When an employee submits credentials on a page, Fable records that a submission occurred and captures a screenshot of the page the employee saw. The submitted credentials themselves are never stored. The screenshot is later reused in follow-up briefings so employees can see the exact page they fell for.

Getting Started

How to pick a credential harvesting page for a simulation template

Use this when you're creating or editing a data-harvesting simulation template in the Catalog.

1. Go to Catalog → Simulations and open the template you want to edit.

2. In the Template details panel, click Edit.

3. Confirm the Vendor matches the brand the email is impersonating (Adobe, Google, etc.). The Harvesting page options depend on this field.

4. Open the Harvesting page dropdown:

   • If the vendor has multiple harvesting pages, pick the one you want (e.g., Google (Global) for a branded Google sign-in, or Default to fall back to the tenant default).

   • If only Default is available, the tenant default (Okta unless customized) will be served — no further action needed.

5. Click the Harvesting page tab at the top of the preview to see exactly what employees will see.

6. Click Save.

How to preview what the employee will see

1. Open the simulation template.

2. Click the Harvesting page tab (next to the Email tab) above the preview pane.

3. The live preview renders the selected harvesting page in its real form.

4. Switch the Harvesting page dropdown to compare options — the preview updates immediately.

How to request a new vendor harvesting page

If the vendor you want to phish against isn't yet in the Catalog, or the only option is Default and you want a branded page:

1. Contact your TAM with the vendor name and the specific login page you want recreated.

2. Fable's content team stands up the page and adds it to the vendor's Harvesting page dropdown.

3. Once it's live, the new option appears automatically in the template editor.

How to set up a customer-specific SSO page

If you want the highest-fidelity simulation possible:

1. Contact your TAM.

2. Share the details of your SSO login flow (branded login URLs, MFA step, logo, colors, any distinctive UX).

3. Fable stands up an end-to-end recreation of your login experience and configures it as your tenant's default.

4. Any simulation template that falls back to Default will now serve your branded SSO page.

FAQ

What is a credential harvesting page?

It's the fake login screen an employee sees after clicking a link in a data-harvesting phishing simulation. It's designed to look visually indistinguishable from the real vendor's login so Fable can test whether employees will submit credentials.

Where do I change the harvesting page for a simulation?

In the Catalog. Open the simulation template, click Edit on Template details, and use the Harvesting page dropdown. The tab labeled "Harvesting page" at the top of the preview shows a live render.

Why is the Harvesting page field a dropdown on some templates and a plain label on others?

The Harvesting page field is driven by the Vendor. Vendors with multiple custom harvesting pages (like Google) show a dropdown you can switch between. Vendors without a custom harvesting page show a read-only "Default" label — those simulations use your tenant's default credential harvesting page.

What does "Default" mean in the Harvesting page dropdown?

It's your tenant's default credential harvesting page — an Okta login page unless you've customized it. If Fable has stood up a customer-specific SSO page for your tenant, that's what Default resolves to.

Can I see exactly what the employee will see before I run the simulation?

Yes. Click the Harvesting page tab at the top of the preview pane. The preview updates live when you switch the Harvesting page dropdown.

Are employee credentials stored?

No. Credentials submitted on these pages are never stored. Only the fact that a submission occurred is recorded, along with a screenshot of the page the employee saw.

What's the difference between a vendor page and a customer-specific SSO page?

A vendor page is a generic recreation of a common vendor login (e.g., a standard Google sign-in) that can be selected from the Harvesting page dropdown on any matching template. A customer-specific SSO page is a recreation of your branded login flow end-to-end — same URLs, branding, and UX your employees see every day. Customer-specific pages are higher fidelity and are set up as your tenant default by Fable.

Can we use our own SSO branding?

Yes. Work with your TAM to stand up a customer-specific SSO page for your tenant.

Can I add a new vendor page myself?

Not today. New pages are stood up by Fable's content team in partnership with your TAM.

Can employees tell the page is a simulation?

The pages are designed to be visually indistinguishable from the real vendor login. Employees learn it was a simulation through Fable's follow-up briefing and notification after the fact.