Unsolved


4 Posts · 624

March 25th, 2020 01:00

Deactivating BitLocker and device encryption

Why is it that every time there is a new BIOS update, I am forced to disable my encryption to install the upgrade? This leads to me having to re-enter my entire BitLocker key due to it not being on an actual USB key, which then leads to the computer having to re-encrypt my computer. It is a complete hassle due to the way that BitLocker is now linked to the entire device's encryption due to Microsoft. Also the BIOS is the only update that I have to keep doing this for, and it is a lot of work for one update.

11 Legend · 14K Posts · 79.9K Points

March 25th, 2020 08:00

@Zimmy24 well first of all, you can just choose to suspend BitLocker prior to restarting for a BIOS update rather than completely turning it off, FYI. But even entering the Recovery Key doesn't mean your whole system is being re-encrypted.

Anyhow, the reason you're prompted for a Recovery Key is that BitLocker (by default, anyway) stores the decryption key inside the system's TPM chip on the motherboard. The TPM will only release that key automatically if the system passes its "platform integrity check". That check basically confirms that nothing about the hardware or firmware environment has changed relative to the "known trusted" state, since certain types of hardware or firmware changes could be part of a security exploit attempt to compromise the decryption key the TPM is about to release. A BIOS update (or downgrade) along with certain BIOS settings changes or hardware additions or removals all count as changes that would cause the platform integrity check to fail, since all of those things could potentially be used as part of a security exploit. In the case of a BIOS version change, in theory the BIOS downgrade or even update may have been to a version that contains a known security vulnerability, for example.

When a platform integrity check failure occurs, the TPM refuses to release the key and you are instead prompted for the Recovery Key. If you enter it, the TPM will "re-seal" itself to the current hardware and firmware state and trust that going forward. It does NOT need to re-encrypt your entire system. You just had to provide the decryption key manually once.

If on the other hand you suspend BitLocker prior to making the change, then the TPM will automatically update to trust the new configuration without prompting you for the Recovery Key.
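The suspend-before-update workflow the reply recommends, written out as an administrator would run it. This is an added example, not code from either poster or from Dell; it assumes an elevated PowerShell session on Windows 10/11 with the built-in BitLocker and TPM modules, and that the operating-system volume is `C:` (change `$OsDrive` otherwise). It checks that the TPM actually holds the key, confirms a recovery password protector exists before anything is changed, and then suspends protection for exactly one reboot so the TPM re-seals to the updated firmware on its own.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the original post): prepare a TPM-protected
# BitLocker OS volume for a BIOS/firmware update. Suspending for one
# reboot lets BitLocker re-seal the key to the new firmware measurements
# without ever prompting for the Recovery Key; the data stays encrypted.
# Assumption: the OS volume is C: (adjust $OsDrive as needed).

$OsDrive = "C:"

# 1. The reply's explanation only applies when a TPM holds the key,
#    so confirm one is present and initialised.
$tpm = Get-Tpm
if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
    throw "TPM not present or not ready; $OsDrive is not TPM-sealed, so this procedure does not apply."
}

# 2. Inspect the volume: encryption state, protection state and protectors.
$vol = Get-BitLockerVolume -MountPoint $OsDrive
"{0}: VolumeStatus={1} ProtectionStatus={2}" -f $vol.MountPoint, $vol.VolumeStatus, $vol.ProtectionStatus
$vol.KeyProtector | Select-Object KeyProtectorType, KeyProtectorId

if ($vol.KeyProtector.KeyProtectorType -notcontains "Tpm") {
    throw "No TPM key protector on $OsDrive; a platform integrity check is not what gates this volume."
}

# 3. Never change the platform before a recovery password exists and is
#    backed up; only the protector ID is echoed, not the secret itself.
$recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq "RecoveryPassword"
if (-not $recovery) {
    throw "No RecoveryPassword protector on $OsDrive. Add one with Add-BitLockerKeyProtector -RecoveryPasswordProtector and back it up first."
}
"RecoveryPassword protector present (ID $($recovery.KeyProtectorId)); confirm it is backed up before continuing."

# 4. Suspend for ONE reboot. RebootCount 0 would suspend indefinitely,
#    which is the 'turn it off and forget' mistake the reply warns about.
Suspend-BitLocker -MountPoint $OsDrive -RebootCount 1 | Out-Null
"After suspend: ProtectionStatus=" + (Get-BitLockerVolume -MountPoint $OsDrive).ProtectionStatus   # expected Off

# 5. Apply the BIOS update and reboot now. After the reboot, verify that
#    protection came back by itself; if it did not, resume it explicitly:
#    Resume-BitLocker -MountPoint $OsDrive
```

After the post-update reboot, `(Get-BitLockerVolume -MountPoint "C:").ProtectionStatus` should read `On` again with no Recovery Key prompt having appeared, because the TPM re-sealed the key against the new firmware measurements during that boot. If it still reads `Off`, protection was suspended with a larger reboot count or indefinitely and must be resumed by hand.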
