Techniques described herein include receiving, authorizing, and processing voice commands to control computing devices and perform various device capabilities. In some examples, a user computing device may implement voice command functionality using multiple independent components, with shared security credentials established between different combinations of components. An intermediate voice authorization component may receive and compare voice input data received from a user interface component with voice template data stored securely by a voice data component, to protect against a component becoming compromised by malware or exposure to an untrusted system. Voice commands may be used to execute, disable, or enable various capabilities on the user device, including different device applications and features, and may be authorized by different users with various security and authorization techniques.