Mega holding a copy of your encrypted key does not reduce security, and slightly improves security. A password generally has a laughably low number of bits. Anyone who knows or can guess your password can get your key and thus your files. Not very surprising. There is no way around the crypto entropy being limited by the password entropy. However, if your password has 2048 bits of entropy, then the attacker must crack 2048 bits of entropy to recover your key and your files.
Password entropy is an incredibly difficult problem to solve. xkcd has what has become the canonical example of this: 28 bits of entropy for a "typical" password, 44 bits of entropy for 4 random words strung together. The Mega key is 2048 bits, which is roughly equivalent to 186 random words strung together or about 311 completely random typed characters. Anyone attempting to crack your crypto is going to attack the password, not the Mega key.
The security increase comes from two factors: the net effect of padding your password so that its length is unknown, and the real-world security from using a known, trusted and tested security algorithm.
In summary, your encryption isn't any more or less secure than the password you use. If it helps, you can think of the key stored on the servers as a salt, and the password you type in as the actual key.
(Also, if they were so inclined, why would they capture the decrypted key rather than just capturing the password itself?)
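To make the point about password entropy bounding key entropy concrete, here is an added example (not part of the original answer, and not Mega's actual scheme) that wraps a 2048-bit random key under a password and counts how many password guesses open it. The PBKDF2 parameters, the SHAKE-256 keystream standing in for a real cipher, the word list and all function names are assumptions made for the illustration.

```python
import hashlib, hmac, itertools, math, secrets

ITERATIONS = 2_000  # assumption: kept low so the demo finishes quickly

def _keys(password, salt):
    """Stretch the password into a 32-byte encryption key and a 32-byte MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return out[:32], out[32:]

def _xor_stream(enc_key, data):
    # SHAKE-256 keystream as a stdlib stand-in for a real cipher such as AES
    stream = hashlib.shake_256(enc_key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(master_key, password):
    """Encrypt the master key under the password: the blob a server would hold."""
    salt = secrets.token_bytes(16)
    enc_key, mac_key = _keys(password, salt)
    ct = _xor_stream(enc_key, master_key)
    return {"salt": salt, "ct": ct, "tag": hmac.new(mac_key, ct, hashlib.sha256).digest()}

def unwrap(blob, password):
    """Return the master key, or None if the password is wrong."""
    enc_key, mac_key = _keys(password, blob["salt"])
    tag = hmac.new(mac_key, blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["tag"]):
        return None
    return _xor_stream(enc_key, blob["ct"])

def password_bits(wordlist, n_words):
    """Entropy of n_words drawn uniformly at random from wordlist."""
    return n_words * math.log2(len(wordlist))

def guesses_to_recover(blob, wordlist, n_words):
    """Count password guesses until the blob opens; the key size never matters."""
    for count, combo in enumerate(itertools.product(wordlist, repeat=n_words), 1):
        key = unwrap(blob, " ".join(combo))
        if key is not None:
            return key, count
    return None, len(wordlist) ** n_words

# Constructed sample data: an 8-word list and a 2048-bit random master key.
WORDS = ["alpha", "bravo", "delta", "echo", "kilo", "lima", "tango", "zulu"]
if __name__ == "__main__":
    master = secrets.token_bytes(256)
    blob = wrap(master, "tango delta")
    key, count = guesses_to_recover(blob, WORDS, 2)
    print(f"key bits: {len(master) * 8}, password bits: {password_bits(WORDS, 2):.0f}")
    print(f"recovered: {key == master} after {count} guesses (max {len(WORDS) ** 2})")
```

The 2048-bit key falls after at most 64 guesses because the password carries only 6 bits; a slow key-derivation function raises the cost of each guess but does not add entropy.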