You can turn it off without resorting to a local account, although it's non-obvious.
GPEdit -> Computer Configuration → Administrative Templates → Windows Components → BitLocker Drive Encryption → Operating System Drives → “Choose how BitLocker-protected operating system drives can be recovered”
No, the actual data encryption key doesn't need to change unless you're very paranoid. The backup key and your normal key is just to decrypt the data encryption key.
GPEdit -> Computer Configuration → Administrative Templates → Windows Components → BitLocker Drive Encryption → Operating System Drives → “Choose how BitLocker-protected operating system drives can be recovered”
Repeat for other drives.