I want to use a mobile code system such that when logging into a website (using a computer), the user will get a text message asking them to enter a code before they can login.
In doing this, what are the chances of the user's information being compromised?
This is a very broad question and it's impossible to tell what level of attacker sophistication you are talking about. If you want to know how hack-safe mobile phones are, that would be off-topic here. Maybe that would work on IT security.SE, I don't know.
But generally, to state the obvious: If the hacker doesn't have access to the mobile phone, it becomes very difficult to break in - at least as far as the route of stealing or guessing the user's credentials is concerned.
Google are employing something similar as an optional additional security feature.: If you log in from a client that Google hasn't seen yet, you are sent an activation code to your mobile phone.