diff --git a/zerver/lib/avatar_hash.py b/zerver/lib/avatar_hash.py
index 5a1026c99e..26d015428a 100644
--- a/zerver/lib/avatar_hash.py
+++ b/zerver/lib/avatar_hash.py
@@ -24,7 +24,6 @@ def user_avatar_hash(uid: str) -> str:
 # The salt probably doesn't serve any purpose now. In the past we
 # used a hash of the email address, not the user ID, and we salted
 # it in order to make the hashing scheme different from Gravatar's.
- assert settings.AVATAR_SALT is not None
 user_key = uid + settings.AVATAR_SALT
 return make_safe_digest(user_key, hashlib.sha1)
diff --git a/zerver/migrations/0032_verify_all_medium_avatar_images.py b/zerver/migrations/0032_verify_all_medium_avatar_images.py
index 088fe2f9f4..df10daf86c 100644
--- a/zerver/migrations/0032_verify_all_medium_avatar_images.py
+++ b/zerver/migrations/0032_verify_all_medium_avatar_images.py
@@ -19,7 +19,6 @@ from zerver.models import UserProfile
 # since we rearranged the avatars in Zulip 1.6.
 def patched_user_avatar_path(user_profile: UserProfile) -> str:
 email = user_profile.email
- assert settings.AVATAR_SALT is not None
 user_key = email.lower() + settings.AVATAR_SALT
 return make_safe_digest(user_key, hashlib.sha1)
diff --git a/zproject/computed_settings.py b/zproject/computed_settings.py
index ec84882713..393bcbe421 100644
--- a/zproject/computed_settings.py
+++ b/zproject/computed_settings.py
@@ -82,7 +82,7 @@ SHARED_SECRET = get_mandatory_secret("shared_secret")
 # avatar. If this salt is discovered, attackers will only be able to determine
 # that the owner of an email account has uploaded an avatar to Zulip, which isn't
 # the end of the world. Don't use the salt where there is more security exposure.
-AVATAR_SALT = get_secret("avatar_salt")
+AVATAR_SALT = get_mandatory_secret("avatar_salt")
 # SERVER_GENERATION is used to track whether the server has been
 # restarted for triggering browser clients to reload.
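Review bot: The visible part of the comment above `AVATAR_SALT` in zproject/computed_settings.py does not say that the secret is now required, or what happens when `avatar_salt` is missing from the secrets file. Because `user_avatar_hash` and the 0032 migration helper drop their `assert settings.AVATAR_SALT is not None` in the same commit, the non-None guarantee now rests entirely on `get_mandatory_secret`, whose body is not visible here. If that helper can return an empty or placeholder value in any mode, the avatar digest silently becomes unsalted rather than failing. I would add a line such as `# Mandatory: user_avatar_hash() concatenates this without a None check.` and confirm that existing installs are guaranteed to have `avatar_salt` generated before they pick up this change.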