We might send you a text message when you sign in to your Windows phone for the first time or if you try to use a feature that requires you to verify your identity. We might also text you when you sign in to a device that we haven’t seen you use before.
If you have two-step verification turned on to help protect your account, you can choose to receive your security code through text message when you sign in.
A text with a help link. During the Windows phone sign-in process, we use the phone number associated with your Microsoft account to text you. We use the security code in this message to automatically verify that the account is yours. This verification should only be necessary once for the lifetime of your phone, assuming that you use your phone regularly.
A text with a security code. This message has a security code and is labeled Microsoft account security code or Microsoft account verification code.
We’ll only send a text message to the primary phone number on your Microsoft account. If your Microsoft account doesn't have a cell number associated with it, we'll contact you using one of the methods you've provided—your email address, for example. You can change your contact information on the Microsoft account site.
Instead of receiving security codes in a text message or email, your phone can generate them with an app. If you want to generate security codes, check out the Microsoft Authenticator app for Windows phone, Android, or iOS. Add your Microsoft account to the app by signing in with your credentials or by visiting your security settings page and selecting Set up identity verification app.
Windows 10 offers a new security option that replaces the need for two-step verification. Windows Hello uses biometrics (your fingerprint or face, if your device has that capability) or a PIN to verify your identity instead of sending you a security code. Learn more about this and Get started with Windows Hello.