Command codes are personal passwords that Starfleet officers use to access ship functions.
Command codes generally take the form of several words and numbers spoken by the officer: the words are frequently some combination of numbers and Greek letters. Routine and critical ship functions can be accessed with command codes. The computer recognizes the command code as an order to execute one or more actions in rapid succession, such as initiating a security lockdown and disabling all command functions until another coded command is issued. If spoken by the Captain, command codes allow complete control of the vessel.
In TOS "Let That Be Your Last Battlefield" and Star Trek III: The Search for Spock, Captain Kirk and the ranking officers use codes to initiate self-destruct. It is not clear whether these are command codes. However, Kirk has never accessed vital ship systems such as shields or weapons with similar codes, so it is likely they are specific to the auto-destruct system.
In TNG "Gambit", Riker uses his command code in a ruse. Troi remarks that as soon as personnel are missing or captured, their command codes are invalidated. However, command codes can apparently be remotely utilized much in the same fashion as prefix codes.
In TNG "Hero Worship" Data, Picard and Troi tell Timothy it was impossible for him to cause the ship's destruction when he slammed into a console, suggesting that Starfleet officers require command codes to use consoles. However, in TNG "The Neutral Zone" a civilian used a communications panel without a command code, and in TNG "The Hunted", intruder Roga Danar was able to use consoles in Engineering and a cargo bay without command codes.
Although command codes are invalidated if an officer is declared missing or captured, there is still a window of opportunity to exploit command codes before the crew realizes the officer is missing. If a Starfleet officer is captured, his command codes may be used to send remote orders to a Starfleet vessel. The officer's voice may need to be simulated to bypass biometric authentication.
The most likely method of attack is to lure the Captain on an away mission, obtain the command codes to his vessel, and commandeer it. Countermeasures depend highly on the competence of the bridge crew in either overriding the Captain's command codes, if this is possible as with the prefix code, or the Captain himself in not allowing himself to be placed in extreme danger.
We see in VOY "Investigations" that these codes are not necessarily tied to any sort of voice-matching or other user authentication. Torres used a high-level engineering access code in the presence of unauthorized personnel (namely Neelix), allowing him subsequently to violate personal safeguards on another crewman's console.