I if somebody (or some machine) knows your password, they can use it. Just type it in. Voice authentication, knowing the password is not enough, the right person must say the phrase. Recordings don't work (low signal), and previously used recordings can be detected.

How do you detect previously used recordings such that they can not be altered to be accepted again?