Firebase auth ignoring SHA1


I have setup a “fake” SHA1 fingerprint on my Android app in the Firebase console.
But after that, I am still able to authenticate to firebase with email/password method from my Android app.

Could you please explain the correct method to restrict firebase authentication with a SHA1 fingerprint for Android app ?