As Google has the app Google Authenticator, also Microsoft has an app called Authenticator (Autenticatore in Italian) that provide a 30 secs validity token for a two step authentication.
To configure this secure procedure you must go on your Microsoft Account in the Security & privacy section and then to the More security settings section: here you can find a section related to the two-step verification and you must click on Set up two-step verification. After an explanation page, there is a further page where a app password is provided. You must launch the Authenticator app, click on + to add a new account, write your Microsoft account name and then copy in the private key the password provided before.
You could find also useful the following links:
Be careful that, till now, some instructions that are provided in the MS site are not correct: you actually do not have to change the MS account password on your smartphone. Anyway, if the phone needs to update the password, it’ll prompt you when needed …
BE CAREFUL: if you still have a Windows Phone 7 device (as I have for debug) you won’t be able to log in anymore in the Microsoft account where you set the two step authentication, because this feature was not supported by that old OS version … and if you are not authenticated with your MS account, you cannot download nothing from the Store (new app or update of already installed ones)!