![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 28.999999999999996%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 16%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EV%3C/text%3E%3C/svg%3E)
Hello Raymond Segbedzi-Atroh,
Since the former employee is no longer with the organization, you likely cannot access their personal security info page (myaccount.microsoft.com) without resetting their credentials. As a system administrator, your best route to find that key is strictly through the Microsoft Entra admin center (formerly Azure Active Directory). You should navigate to Identity > Devices > All devices in the portal. The most reliable method here is to search specifically using the Recovery Key ID displayed on the BitLocker screen (the first 8 characters usually suffice for the search filter) rather than the device name, which might have changed or be duplicated. If the device was properly Entra-joined or Intune-managed, the 48-digit recovery key will be listed under the "BitLocker keys" blade of that device object.
If the key isn't present in Entra ID, and given that data recovery is not required, you should proceed immediately to wiping the device to return it to the deployment pool. Because this is a Dell Latitude 7430, the most secure and efficient "best practice" method is to utilize the built-in Dell Data Wipe feature before attempting to reinstall Windows. You can access this by entering the BIOS (press F2 repeatedly at boot), navigating to Security > Data Wipe (or Maintenance > Data Wipe on some firmware versions), checking "Wipe on Next Boot," and confirming. This utilizes the SSD's internal command set to cryptographically erase or overwrite all blocks, effectively destroying the BitLocker container and the data within it instantly.
Alternatively, if you prefer to handle this during the OS deployment phase or if the BIOS wipe is unavailable, you can boot directly from your Windows 10/11 installation media (USB or PXE). When you reach the strictly technical "Where do you want to install Windows?" screen, you will see the drive encrypted with "Unknown" partition types. You must delete every partition listed for Drive 0 until you are left with a single "Unallocated Space" entry. If the drive is stubborn due to the encryption, press Shift + F10 to open a command prompt, type diskpart, then select disk 0, and finally execute the clean command. This strips the GPT partition table and the BitLocker lock, allowing the Windows installer to create a fresh partition structure and TPM binding for the new user.
I hope you've found something useful here. If it helps you get more insight into the issue, it's appreciated to accept the answer. Should you have more questions, feel free to leave a message. Have a nice day!
VP
