We might send you a text message when you sign in to your Windows Phone for the first time or if you try to use a feature that requires you to verify your identity. We might also text you when you sign in to a device that we haven't seen you use before.
If you have two-step verification turned on to help protect your account, you can choose to receive your security code through text message when you sign in.
A text with a help link - During the Windows Phone sign-in process, we use the phone number associated with your Microsoft account to text you. We use the security code in this message to automatically verify that the account is yours. This verification should only be necessary once for the lifetime of your phone, assuming that you use your phone regularly.
A text with a security code - This message has a security code and is labeled Microsoft account security code or Microsoft account verification code.
We'll only send a text to the primary phone number on your Microsoft account. If your Microsoft account doesn't have a cell number associated with it, we'll contact you using one of the other methods you've provided—your email address, for example. You can change that information anytime on the Microsoft account site.
Instead of receiving security codes in a text or email, your phone can generate them with an app. If you want to generate security codes, check out the Microsoft Authenticator app for Windows Phone. You can add your Microsoft account to the app by scanning a bar code or by manually entering a secret key.
If you don't want to use two-step verification to securely sign in, consider upgrading to Windows 10 on your PC or phone. Windows 10 includes Windows Hello, which lets you verify your identity with a PIN or biometrics (your fingerprint, face, or iris, if your device has that capability). Once you've authenticated your Microsoft account with Windows Hello, you won't need to use two-step verification on your phone anymore.