diff --git a/netbox/secrets/models.py b/netbox/secrets/models.py
index b3621f79c..337f2e252 100644
--- a/netbox/secrets/models.py
+++ b/netbox/secrets/models.py
@@ -233,15 +233,23 @@ class Secret(CreatedUpdatedModel):
             pad_length = 16 - ((len(s) + 2) % 16)
         else:
             pad_length = 0
-        return chr(len(s) >> 8) + chr(len(s) % 256) + s + os.urandom(pad_length)
+        return (
+            chr(len(s) >> 8).encode() +
+            chr(len(s) % 256).encode() +
+            s.encode() +
+            os.urandom(pad_length)
+        )
 
     def _unpad(self, s):
         """
         Consume the first two bytes of s as a plaintext length indicator and return only that many bytes as the
         plaintext.
         """
-        plaintext_length = (ord(s[0]) << 8) + ord(s[1])
-        return s[2:plaintext_length + 2]
+        if isinstance(s[0], int):
+            plaintext_length = (s[0] << 8) + s[1]
+        elif isinstance(s[0], str):
+            plaintext_length = (ord(s[0]) << 8) + ord(s[1])
+        return s[2:plaintext_length + 2].decode()
 
     def encrypt(self, secret_key):
         """
diff --git a/netbox/secrets/tests/test_models.py b/netbox/secrets/tests/test_models.py
index 8dfb39bd6..10a719077 100644
--- a/netbox/secrets/tests/test_models.py
+++ b/netbox/secrets/tests/test_models.py
@@ -100,7 +100,7 @@ class SecretTestCase(TestCase):
         # Ensure proper hashing algorithm is used
         hasher, iterations, salt, sha256 = s.hash.split('$')
         self.assertEqual(hasher, 'pbkdf2_sha256', "Hashing algorithm has been modified to: {}".format(hasher))
-        self.assertGreaterEqual(iterations, 24000, "Insufficient iteration count ({}) for hash".format(iterations))
+        self.assertGreaterEqual(int(iterations), 24000, "Insufficient iteration count ({}) for hash".format(iterations))
         self.assertGreaterEqual(len(salt), 12, "Hash salt is too short ({} chars)".format(len(salt)))
 
         # Test hash validation